IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This adds the ability to bootstrap a cluster using the API.
The API simply starts the bootkube service.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
- Replaced the basic intro text for 0.3 and 0.4 on the docs home page with
more useful information and links to next steps.
Signed-off-by: Timothy Gerla <tim@gerla.net>
- add 0.5 docs branched from 0.4
- add intro page and "get help" pages
- moved Docker and Firecracker into a "Local Clusters" category
- switch to markdown-it from markd for consistency between corp site and docs site
- use markdown-it-anchor to create linkable anchors to sections within a page
- improve urls to use / instead of # for docs pages (WARNING: this breaks old links)
- continue to simplify handling in the Content.vue component
- update JS deps
Signed-off-by: Timothy Gerla <tim@gerla.net>
- simplify the docs page handling logic and get more nuxt-like
- the handleClick function was vestigial and didn't do anything anymore, remove it
- simplify the Vuex state quite a bit, remove activeDocPath
- clean up github link generation code, and fix#2076
Signed-off-by: Timothy Gerla <tim@gerla.net>
Handle dual-stack configurations with the bootkube wrapper. This uses
the new PodCIDRs and ServiceCIDRs `asset.Config` parameters in bootkube.
It also relies on the bootkube-plugin features for manipulating
kube-proxy config and installing the dual-stack DNS service.
Fixes#2055
Signed-off-by: Seán C McCord <ulexus@gmail.com>
This extracts health & crashdump features which were specific to
provisioning code into separate package which can be used standalone.
Everything else is just new glue.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Signed-off-by: zerodayz <cerninr@gmail.com>
docs: add installation chapter to firecracker getting started
docs: add troubleshooting chapter to firecracker getting started
docs: add install and troubleshooting section in firecracker getting started
Signed-off-by: zerodayz <cerninr@gmail.com>
This fixes random markdown linting issues. The previous `sentences-per-line`
library seems to be broken now, and unmaintained. This moves to using
`textlint` instead.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This brings the v0.4 docs out of pre-release status, and updates links
to point to v0.4 docs by default.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
Provides capability to add extra headers in cases where files can only be fetched with token based authenction.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: extra manifest headers for fetching manifests
- Changed config to map of key value pairs.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: added docs for new extra headers fetch
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: fix linter issue
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
This PR removes the references to adding in the random CPU trust to the
kernel for all v0.4 docs, as well as in the iso command in the
installer. This is no longer needed with the newer linux kernel.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
- Lots of usability improvements to the docs sidebar.
- Headers aren't links to content anymore.
- All of the old index content has been moved to "Overview" pages that have
explicit links in the docs sidebar.
- Lots and lots of styling cleanups.
Signed-off-by: Tim Gerla <tim@gerla.net>
This PR will allow users to configure /etc/hosts through the network
config section, as opposed to having to use a file append operation.
Example usage might look something like:
```
...
...
machine:
...
...
network:
extraHostEntries:
- ip: 192.168.1.100
aliases:
- test
- test.wtf.bbq
...
...
```
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will introduce a `-p/--exposed-ports` flag to talosctl. This
flag will allow us to enable port forwards on worker nodes only. This
will allow for ingresses on docker clusters so we can hopefully use
ingress for Arges initial bootstrapping. I modeled this after how KIND allows ingresses
[here](https://kind.sigs.k8s.io/docs/user/ingress/)
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will pull in the latest release of k8s 1.18 so we can start
validating it through our test suite.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
It seems to be useful enough to be the default one and it prevents
simple mistakes while trying to access the cluster which is not ready
yet.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: fixes linting for doc update
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: initial work for supporting vlans
Adding VLAN as option to machine config under devices.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: Add addressing support for VLAN devices.
- Refactors static addressing to not be dependent on machine.Device
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: Add addressing support for VLAN devices.
- Support of VLAN being the default network to use by removing need of addressing on master device.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: Fix the fmt of go files
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: refactor based on review comment.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: remove unused function
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: initial work for supporting vlans
Adding VLAN as option to machine config under devices.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: Add addressing support for VLAN devices.
- Refactors static addressing to not be dependent on machine.Device
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
feat: Add addressing support for VLAN devices.
- Support of VLAN being the default network to use by removing need of addressing on master device.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: Fix the fmt of go files
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: refactor based on review comment.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: fix test case function arguments
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: Add log for debugging address configuration failures
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: fix lint issues.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: fix the lint error.
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
fix: Fix when addressing set with kernel options
Signed-off-by: Niklas Wik <niklas.wik@nokia.com>
This is a rename of the osctl binary. We decided that talosctl is a
better name for the Talos CLI. This does not break any APIs, but does
make older documentation only accurate for previous versions of Talos.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR introduces a new strategy for upgrades. Instead of attempting to
zap the partition table, create a new one, and then format the
partitions, this change will only update the `vmlinuz`, and
`initramfs.xz` being used to boot. It introduces an A/B style upgrade
process, which will allow for easy rollbacks. One deviation from our
original intention with upgrades is that this change does not completely
reset a node. It falls just short of that and does not reset the
partition table. This forces us to keep the current partition scheme in
mind as we make changes in the future, because an upgrade assumes a
specific partition scheme. We can improve upgrades further in the
future, but this will at least make them more dependable. Finally, one
more feature in this PR is the ability to keep state. This enables
single node clusters to upgrade since we keep the etcd data around.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This enables config option 'debug: yes' which redirects service logs to
console which helps debugging cases when API is not available.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This keeps backwards compatibility with `osctl` CLI binary with the
exception of `osctl config generate` which was renamed to `osctl
gen config` to avoid confusion with other `osctl config`
commands which operate on client config, not Talos server config.
Command implementation and helpers were split into subpackages for
cleaner code and more visible boundaries. The resulting binary still
combines commands from both sections into a single binary.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
BREAKING CHANGE: This PR fixes a bug where we were only passing `cluster.local` to the
kubelet configuration. It will also pull in a new version of the
bootkube fork to ensure that custom domains got propogated down to the
API Server certs, as well as the CoreDNS configuration for a cluster.
Existing users should be aware that, if they were previously trying to
use this option in machine configs, that an upgrade will may break
their cluster. It will update a kubelet flag with the new domain, but
CoreDNS and API Server certs will not change since bootkube has already
run. One option may be to change these values manually inside the
Kubernetes cluster. However, it may prove easier to rebuild the cluster
if necessary.
Additionally, this PR also exposes a flag to `osctl config generate`
to allow tweaking this domain value as well.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This PR will allow users to set the `persist: true` value in their
config data to tell talos not to re-pull the config data at each reboot.
The default will still remain as a "pull every time" methodolgy in order
to encourage immutability by default.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
Fixes#1906
This provides lifetime as duration relative to kubeconfig generation
time (the moment `osctl kubeconfig` was called).
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
When images are pulled by Talos or via CRI plugin, configuration
for each registry is applied. Mirrors allow to redirect pull request to
either local registry or cached registry. Auth & TLS enable
authentication and TLS authentication for non-public registries.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
Firecracker launches tries to open VM disk image before every boot,
parses partition table, finds boot partition, tries to read it as FAT32
filesystem, extracts uncompressed kernel from `bzImage` (firecracker
doesn't support `bzImage` yet), extracts initramfs and passes it to
firecracker binary.
This flow allows for extended tests, e.g. testing installer, upgrade and
downgrade tests, etc.
Bootloader emulation is disabled by default for now, can be enabled via
`--with-bootloader-emulation` flag to `osctl cluster create`.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
- add a separate link to get to the corporate site
- unify some styles between corp and OSS sites
- minor responsiveness fixes
Signed-off-by: Tim Gerla <tim@gerla.net>
This removes `extraDiskArgs` from the kubelet configuration field. This
never really was a thing.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This implements old behavior from our initial config that allows for
specifying extra mounts for the kubelet container.
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
This PR will allow for any toml files added into `/var/cri/conf.d` to be
picked up and parsed as a containerd config. This should allow users a
nice way to add additional configs by passing extra files in machine
config like:
```
machine:
...
files:
- content: |
[metrics]
address = "0.0.0.0:11234"
path: /var/cri/conf.d/metrics.toml
op: create
```
Will close#1718.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
This implements `osctl cluster destroy` for Firecracker, adds
new utility command `osctl cluser show`.
Firecracker mode now has control process for firecracker VMs, allowing
clean reboots and background operations.
Lots of small fixes to Firecracker mode, clean CNI shutdown, cleaning up
netns, etc.
Signed-off-by: Andrey Smirnov <smirnov.andrey@gmail.com>
This PR allows for pod checkpointer and coredns images to be customized
for bootkube. We can already customize the hyperkube image and all other
images used by bootkube are CNI-related and can be customized with the
"custom" CNI setup.
Signed-off-by: Spencer Smith <robertspencersmith@gmail.com>
